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(57)Abstract: 

PROBLEM TO BE SOLVED: To update a cryptographic key as 
required, e.g. periodically or in case of possibility of a decoded 
cryptographic key without using all cryptographic keys at random 
by updating the cryptographic key selected by a command sent 
from a reader/writer. 

SOLUTION: A reader/writer 6 stores old cryptographic keys that 
were used in the past and not in use at present and a 
cryptographic key that is currently in use. Furthermore, the 
reader/writer 6 transmits an update command to a passenger card 
7 to allow the passenger card 7 to update its cryptographic key 
from an older cryptographic key to the cryptographic key used at 
present when the cryptographic key used by the passenger card 7 
is the cryptographic key that was used in the past but not in use 
at present according to a response from the passenger card 7 as a 
result of communciation between the reader/ writer 6 and the 
passenger card 7, and the passenger card 7 updates the 
cryptographic key into the cryptographic key used at present in 
response to the command. Thus, the cryptographic key of the old 
passenger card 7 having been issued before is finally updated into 
the cryptographic key used at present. 
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* NOTICES * 

JPO and NCIPI are not responsible for any 
damages caused by the use of this translation. 

LThis document has been translated by computer. So the translation may not reflect the original precisely. 

2.**** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 



CLAIMS 



[Claim(s)] 

[Claim 1] The storage characterized by to provide a cryptographic key storage means memorize two or 
more cryptographic keys, a cryptographic key selection means choose either from from among two or more 
cryptographic keys memorized by said cryptographic key storage means, and a renewal means of a 
cryptographic key update said cryptographic key choose with the command sent out from aforementioned 
read-out / write-in machine, in the storage constituted so that authentication and a communication link 
may perform between read-out / write-in machine using a cryptographic key. 

[Claim 2] The storage characterized by rewriting some [ at least ] cryptographic keys of two or more 
cryptographic keys memorized by said cryptographic key storage means from read-out / write-in machine 
in claim 1 . 

[Claim 3] In read-out / write-in machine constituted so that authentication and a communication link might 
be performed between storages using a cryptographic key A cryptographic key storage means to memorize 
two or more cryptographic keys, and a cryptographic key selection means to choose either from from 
among two or more cryptographic keys memorized by said cryptographic key storage means, A 
cryptographic key learning means to get to know whether the cryptographic key this storage is carrying out 
[ the cryptographic key ] current use by the response from said storage is a cryptographic key used in the 
past with read-out / the write-in machine concerned, At the time of the cryptographic key for which the 
cryptographic key said storage is carrying out [ the cryptographic key ] current use was used in the past, 
they are read-out / write-in machine characterized by providing a renewal command sending-out means of 
a cryptographic key to send out the command which updates the cryptographic key of said storage. 
[Claim 4] Read-out / write-in machine characterized by providing a cryptographic key modification means 
to change the cryptographic key which read-out / the write-in machine concerned use with the command 
from a high order device in claim 3. 

[Claim 5] Read-out / write-in machine characterized by rewriting some [ at least ] cryptographic keys of 
two or more cryptographic keys which said storage has memorized in claim 3. 

[Claim 6] a storage according to claim 1 or 2 — a card — carrying out — this card, and claim 3 thru/or 5 
— the card system with which a card, and read-out / write-in machine are characterized by to perform 
mutual recognition using the updated cryptographic key after updating the cryptographic key of a card at 
the time of the cryptographic key for which the cryptographic key has read-out / write-in machine of a 
publication in either, and the card is carrying out [ the cryptographic key ] current use was used in the 
past with aforementioned read-out / write-in machine. 

[Claim 7] A storage, and each read-out / write-in opportunity are made to memorize two or more 
cryptographic keys. Read-out / write-in machine The encryption data based on the cryptographic key 
which this storage transmitted from the storage is using, It judges whether the cryptographic key which 
compares the encryption data created by the cryptographic key which read-out / write-in machine is 
using, and the storage, and read-out / write-in machine are using is in agreement. Said encryption data 
transmitted from the storage when not in agreement, The cryptographic key compares the encryption data 
created by the cryptographic key used in the past with read-out / write-in machine, and the storage is 
carrying out [ the cryptographic key ] current use When it is the cryptographic key which judged whether it 
was the cryptographic key used in the past, and was used for said past It is the cryptographic key 
operation characterized by transmitting the updating command which makes the cryptographic key which 
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this storage is using update to a storage, and for a storage answering said updating command, and updating 
a cryptographic key. 

[Claim 8] A storage according to claim 1 or 2 is used as an entrainment card. This entrainment card, It has 
the automatic ticket gate equipped with read-out / write-in machine according to claim 3 or 4 which 
performs read-out/writing to this. Read-out / write-in machine The encryption data based on the 
cryptographic key which this entrainment card transmitted from the entrainment card is using, It judges 
whether the cryptographic key which compares the encryption data created by the cryptographic key 
which read-out / write-in machine is using, and the entrainment card, and read-out / write-in machine are 
using is in agreement. Said encryption data transmitted from the entrainment card when not in agreement, 
The cryptographic key which compares the encryption data created by the cryptographic key used in the 
past with read-out / write-in machine, and the entrainment card is using When it is the cryptographic key 
which judged whether it was the cryptographic key used in the past, and was used in the past It is the 
station service system characterized by transmitting the updating command which makes the 
cryptographic key which this entrainment card is using update to an entrainment card, and for an 
entrainment card answering said updating command, and updating a cryptographic key. 
[Claim 9] It is the station service system which uses a storage according to claim 1 or 2 as an entrainment 
card, has this entrainment card and the card issue machine equipped with read-out / write-in machine 
according to claim 5 which performs read-out/writing to this, and is characterized by read-out / write-in 
machine rewriting two or more cryptographic keys memorized by this entrainment card at the time of issue 
of an entrainment card. 

[Claim 10] The card issue machine which uses a storage according to claim 1 or 2 as an entrainment card, 
sets as it so that said cryptographic key which carries out current use may be chosen with a cryptographic 
key selection means, and publishes this entrainment card for it while writing two or more cryptographic 
keys which are due to be used the cryptographic key which carries out current use, and in the future in the 
cryptographic key storage means of this entrainment card. 



[Translation done.] 
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* NOTICES * 

JPO and NCIPI are not responsible for any 
daaages caused by the use of this translation. 

1. This document has been translated by computer. So the translation may not reflect the original precisely. 

2. **** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 

DETAILED DESCRIPTION 

[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention relates to a card issue machine at station service system lists, such 
as a storage which memorizes data, read-out / write-in machine which performs read-out/writing to this 
storage, a card system using them, suitable cryptographic key operation for them, and an automatic wicket 
using them. 
[0002] 

[Description of the Prior Art] For example, when processing the card which is a storage for the close 
payment of a card etc. with read-out / write-in machine of an automatic tariff collection machine, it is 
necessary to secure the security nature of a card. Therefore, encryption of the mutual recognition using a 
code or a communication link is usually performed between the card, and read-out / write-in machine. In 
addition, although mutual recognition is attesting mutually whether read-out / write-in machine which 
serves as a communications partner, in view of a card side being just, and whether the card which is a 
communications partner, in view of a read-out side / write-in machine side being just, a partner usually 
judges by whether the just cryptographic key is known mutually. 
[0003] 

[Problem(s) to be Solved by the Invention] In above-mentioned cipher processing, although there is a 
method with which all cards, and read-out / write-in machines also used the same cryptographic key 
(common cryptographic key), when a common cryptographic key is known by others, by this method, there 
is once a fault that the security nature of the whole system will be spoiled. 

[0004] In order to abolish this fault, two or more cryptographic keys which two or more cryptographic keys 
are stored in a card, and a card has also in read-out / write-in machine are made to memorize, and there 
is a system it was made to have security nature raised by using any one cryptographic key in said two or 
more cryptographic keys at random in cipher processing between cards in write-in read-out / machine 
side. 

[0005] When considering as the problem in such a case has the danger that two or more cryptographic 
keys of all will be monitored and decoded while using the cryptographic key for said random and a card, and 
read-out / write-in machine communicate by non-contact especially, the danger increases. Then, although 
it can consider making two or more cryptographic keys of all that a card memorizes change into two or 
more of other cryptographic keys all at once, modification of such a cryptographic key is considered from 
the use gestalt of the card that many cards are used being published, and is impossible in practice. 
[0006] In view of an above-mentioned technical technical problem, it succeeds in this invention, and not all 
cryptographic keys are used for it at random, but when required, when there is a possibility that the 
cryptographic key might be decoded, it enables it to update a cryptographic key, and, moreover, it aims at 
periodical or being made not to change two or more cryptographic keys of a storage all at once. 
[0007] 

[Means for Solving the Problem] In order to attain the above-mentioned purpose, it constitutes from this 
invention as follows. 

[0008] Namely, the storage of this invention of claim 1 is set to the storage constituted so that 
iauthentication and a communication link might be performed between read-out / write-in machine using a 
cryptographic key. A cryptographic key storage means to memorize two or more cryptographic keys, a 
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cryptographic key selection means to choose either from from among two or more cryptographic keys 
memorized by said cryptographic key storage means, and a renewal means of a cryptographic key to 
update said cryptographic key to choose with the command sent out from aforementioned read-out / 
write-in machine are provided. 

[0009] Here, updating means switching and using the cryptographic key currently used for another 
cryptographic key of two or more cryptographic keys, and it will be used at every updating for the 
cryptographic key which was being used till then by one cryptographic key in two or more cryptographic 
keys, replacing with. 

[0010] Moreover, the communication link between a storage, and read-out / write-in machine may be 
which method of a wired system or radio system. 

[001 1] The storage of this invention of claim 2 rewrites some [ at least ] cryptographic keys of two or 
more cryptographic keys memorized by said cryptographic key storage means from read-out / write-in 
machine in claim 1. 

[0012] In read-out / write-in machine constituted so that read-out / write-in machine of this invention of 
claim 3 might perform authentication and a communication link between storages using a cryptographic key 
A cryptographic key storage means to memorize two or more cryptographic keys, and a cryptographic key 
selection means to choose either from from among two or more cryptographic keys memorized by said 
cryptographic key storage means, A cryptographic key learning means to get to know whether the 
cryptographic key this storage is carrying out [ the cryptographic key ] current use by the response from 
said storage is a cryptographic key used in the past with read-out / the write-in machine concerned, At 
the time of the cryptographic key for which the cryptographic key said storage is carrying out [ the 
cryptographic key ] current use was used in the past, a renewal command sending-out means of a 
cryptographic key to send out the command which updates the cryptographic key of said storage is 
provided. 

[0013] Read-out / write-in machine of this invention of claim 4 possess a cryptographic key modification 
means to change the cryptographic key which read-out / the write-in machine concerned use with the 
command from a high order device, in claim 3. 

[0014] Read-out / write-in machine of this invention of claim 5 rewrite some [ at least ] cryptographic 
keys of two or more cryptographic keys which said storage has memorized in claim 3. 

[0015] The card system of this invention of claim 6 uses a storage according to claim 1 or 2 as a card. This 
card, claim 3 thru/or 5 — it has read-out / write-in machine of a publication in either, and at the time of 
the cryptographic key for which the cryptographic key the card is carrying out [ the cryptographic key ] 
current use was used in the past with read-out / write-in machine, after updating the cryptographic key of 
a card, a card, and read-out / write-in machine perform mutual recognition using the updated 
cryptographic key. 

[0016] The cryptographic key operation of this invention of claim 7 makes a storage, and each read-out / 
write-in opportunity memorize two or more cryptographic keys. Read-out / write-in machine The 
encryption data based on the cryptographic key which this storage transmitted from the storage is using, It 
judges whether the cryptographic key which compares the encryption data created by the cryptographic 
key which read-out / write-in machine is using, and the storage, and read-out / write-in machine are using 
is in agreement. Said encryption data transmitted from the storage when not in agreement, Judge whether 
the cryptographic key which compares the encryption data created by the cryptographic key used in the 
past with read-out / write-in machine, and the storage is using is a cryptographic key used in the past, and 
a storage is received when it is the cryptographic key used in the past. Transmitting the updating command 
which makes the cryptographic key which this storage is using update, a storage answers said updating 
command and updates a cryptographic key. 

[0017] The station service system of this invention of claim 8 uses a storage according to claim 1 or 2 as 
an entrainment card. This entrainment card, It has the automatic ticket gate equipped with read-out / 
write-in machine according to claim 3 or 4 which performs read-out/writing to this. Read-out / write-in 
machine The encryption data based on the cryptographic key which this entrainment card transmitted from 
the entrainment card is using, It judges whether the cryptographic key which compares the encryption data 
created by the cryptographic key which read-out / write-in machine is using, and the entrainment card, 
and read-out / write-in machine are using is in agreement. Said encryption data transmitted from the 
entrainment card when not in agreement, The cryptographic key which compares the encryption data 



http://www4.ipdl.ncipi.gojp/cgi-bin/tran_web_cgi_eije 



2006/06/26 



JP,2000-092040,A [DETAILED DESCRIPTION] 



3/11 ^— v 



created by the cryptographic key used in the past with read-out / write-in machine, and the entrainment 
card is using It judges whether it is the cryptographic key used in the past, and the updating command 
which makes the cryptographic key which this entrainment card is using update to an entrainment card 
when it is the cryptographic key used in the past is transmitted, and an entrainment card answers said 
updating command and updates a cryptographic key. 

[0018] The station service system of this invention of claim 9 uses a storage according to claim 1 or 2 as 
an entrainment card, it has this entrainment card and the card issue machine equipped with read-out / 
write-in machine according to claim 5 which performs read-out/writing to this, and read-out / write-in 
machine rewrites two or more cryptographic keys memorized by this entrainment card at the time of issue 
of an entrainment card. 

[0019] The card issue machine of this invention of claim 10 uses a storage according to claim 1 or 2 as an 
entrainment card, while it writes two or more cryptographic keys which are due to be used the 
cryptographic key which carries out current use, and in the future in the cryptographic key storage means 
of this entrainment card, is set as it so that said cryptographic key which carries out current use may be 
chosen with a cryptographic key selection means, and publishes this entrainment card for it. 
[0020] (Operation) Since cipher processing is performed in cipher processing between read-out / write-in 
machine using either of two or more cryptographic keys according to the storage of claim 1 Since the 
cryptographic key which the security nature of the whole system is not spoiled and is used is also updated 
if needed by the command from read-out / write-in machine even if one common cryptographic key is 
decoded like a common cryptographic key method A possibility that all cryptographic keys may be 
monitored and decoded is low like the conventional example using all cryptographic keys at random. 
[0021] According to the storage of claim 2, by the time two or more cryptographic keys memorized will be 
altogether used by updating, some [ at least ] cryptographic keys of two or more cryptographic keys can 
be rewritten from read-out / write-in machine to a new cryptographic key. By this, updating to a new 
cryptographic key is attained permanently. 

[0022] Since the cryptographic key which judges whether the cryptographic key which the storage is using 
is a cryptographic key used in the past with read-out / write-in machine according to read-out / the 
write-in machine of claim 3, sends out an updating command to a storage when it is the cryptographic key 
used in the past, and a storage uses can be updated, the cryptographic key of a storage can be made in 
agreement with the newest cryptographic key which read-out / write-in machine is using now. 
[0023] Since the cryptographic key used with the command from a high order device is changed according 
to read-out / the write-in machine of claim 4 The need is accepted. At for example, when [ periodical or 
when there is a possibility that the cryptographic key which is carrying out current use may be decoded ] 
The cryptographic key used with the command from a high order device can be changed into a new 
cryptographic key, and the cryptographic key which a storage uses according to an operation of claim 3 
can also make it further in agreement with the changed cryptographic key. 

[0024] Since some [ at least ] cryptographic keys of two or more cryptographic keys which the storage has 
memorized are rewritten according to read-out / the write-in machine of claim 5, by the time all the 
cryptographic keys with which renewal of sequential is carried out and the cryptographic keys of a storage 
are remembered to be will be used, it can rewrite to a new cryptographic key, and updating to a new 
cryptographic key is permanently attained by this. 

[0025] If the cryptographic key of a card is a cryptographic key used in the past even if the cryptographic 
key of a card, and a read-out / write-in machine is not in agreement according to the card system of claim 
6, since the cryptographic key of a card is updated and it is in agreement with the cryptographic key of 
read-out / write-in machine, mutual recognition becomes possible. 

[0026] According to the cryptographic key operation of claim 7, read-out / write-in machine By comparing 
the encryption data from a storage with the created encryption data Judge whether the cryptographic key 
of a storage is in agreement with the cryptographic key which read-out / write-in machine is using, and 
when not in agreement Since it judges whether the cryptographic key of a storage is a cryptographic key 
used in the past with read-out / write-in machine, and the cryptographic key of a storage is made to 
update when it is the past cryptographic key, the cryptographic key of the cryptographic key of a storage, 
and a read-out / write-in machine can be made in agreement. 

[0027] According to the station service system of claim 8, it sets to cipher processing between an 
entrainment card, and read-out / write-in machine of an automatic ticket gate. An entrainment card, and 
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read-out / write-in machine Even if a common cryptographic key is decoded like [ since two or more 
cryptographic keys are memorized ] the common cryptographic key method which has memorized only one 
common cryptographic key, the security nature of the whole system is not spoiled. Moreover, since the 
cryptographic key to be used is also updated if needed by the command from read-out / write-in machine, 
a possibility that all cryptographic keys may be monitored and decoded is low like the conventional example 
using all cryptographic keys at random. 

[0028] According to the station service system of claim 9, since a card issue machine rewrites two or more 
cryptographic keys memorized by the entrainment card at the time of issue of an entrainment card, 
updating of it to a new cryptographic key is attained permanently. 

[0029] While writing in two or more cryptographic keys which are due to be used the cryptographic key 
which carries out current use, and in the future, without according to the card issue machine of claim 10 
performing mutual recognition etc. at the time of issue of the completely new entrainment card which is 
not used rather than collecting the entrainment cards used till then and publishing as a new entrainment 
card, it sets up and an entrainment card can be published so that the cryptographic key which carries out 
current use may be chosen. 
[0030] 

[Embodiment of the Invention] Hereafter, a drawing explains the gestalt of operation of this invention to a 
detail. 

[0031] Drawing 1 is drawing showing the whole station service system configuration to which this invention 
is applied, and is set to this drawing. 7 Entrainment cards, such as a commuter pass as a storage (for 
example, non-contact communication link IC card), Read-out / write-in machine with which 6 performs a 
non-contact communication link between this entrainment card 7 (reader/writer), The automatic ticket 
gate with which 1 was equipped with read-out / write-in machine 6, the card issue machine with which 4 
was equipped with read-out / write-in machine 6, and 5 are the settlement-of-accounts machines 
equipped with read-out / write-in machine 6, and 25 is a host computer which controls these. An 
automatic ticket gate 1 and two or more settlement-of-accounts machines 4 are installed within the 
enclosure of a station. 

[0032] The entrainment card 7 is published with the card issue machine 4. Data, such as the entrainment 
section and a use expiration date, are recorded on this published entrainment card 7. A user receives the 
ticket gate of an automatic ticket gate 1 using published entrainment card **. The card issue machine 4 
and the automatic ticket gate 1 are equipped with read-out / write-in machine 6. The card issue machine 4 
and an automatic ticket gate 1 serve as a high order device to read-out / write-in machine 6. Moreover, a 
host computer 25 serves as a high order device to the card issue machine 4, an automatic ticket gate 1 , 
etc. The automatic ticket gate 1 is equipped with that of CPU26, a host computer 25, and the read-out / 
write-in machine 6, the interface circuitries 27 and 28 of a between, memory 29, the door control circuit 
30, etc., and the card issue machine 4 is equipped with the control panel 35 for the interface circuitries 32 
and 33 between CPU31, a host computer 25, and read-out / write-in machine 6, memory 34, and card 
issue etc. In addition, the reference mark used by the below-mentioned explanation is given to the block 
which constitutes read-out / write-in machine 6. 

[0033] Here, in advance of explanation of the main configurations of a system, the outline about the 
operation of the cryptographic key of the gestalt of this operation is explained. 

[0034] Between the entrainment card 7, and read-out / write-in machine 6, in order to secure security 
nature, the authentication and the communication link which used the cryptographic key are performed, but 
in order to cancel the fault of code mode of processing of the conventional example, it constitutes from a 
gestalt of this operation as follows. 

[0035] Namely, two or more cryptographic keys which are due to be used for the entrainment card 7 from 
now on at the time of card issue are made to memorize. It sets up so that the cryptographic key (for 
example, cryptographic key which should be used at the card issue time) beforehand defined of two or 
more of the cryptographic keys may be used. When there is an updating command from read-out / write-in 
machine 6, it constitutes so that it may update to the cryptographic key specified by the command and the 
updated cryptographic key may be used. 

[0036] Since a large number are published by the target one by one for a long period, the entrainment card 
7 The contents of two or more cryptographic keys memorized by the entrainment card 7 are also switched 
to a new cryptographic key by the target one by one if needed. Therefore, two or more cryptographic keys 
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memorized by the entrainment card 7 published at the beginning (for example, K1, K2, K3. K4.K5), with two 
or more cryptographic keys (for example, K2, K3, K4, K5, K6) memorized by the entrainment card 7 
published behind, a common cryptographic key (K2, K3, K4, K5) exists, also although kicked While the old 
cryptographic key (K1) which is not memorized by the next entrainment card 7 is memorized by the original 
entrainment card 7, on it, the case where the new cryptographic key (K6) which is due to be used in the 
future which will not be memorized by the original entrainment card 7 is memorized will arise at the next 
entrainment card 7. 

[0037] And two or more cryptographic keys memorized common to all the entrainment cards 7 turn into an 
usable cryptographic key, and two or more of the cryptographic keys will be used in sequence. 
[0038] On the other hand, it was used in the past, and the old cryptographic key (for example, K1) which is 
not used and the cryptographic key (for example, K2) by which current use is carried out are memorized at 
least by read-out / write-in machine 6. and current uses this cryptographic key (for example, K2) for it. 
[0039] Furthermore, in read-out / write-in machine 6, it sets to the communication link between the 
entrainment cards 7. If it is the cryptographic key (for example, K1) by which the cryptographic key which 
the entrainment card 7 is using was used in the past, and current use is not carried out from the response 
of the entrainment card 7 An updating command is sent out so that it may update to the entrainment card 
7 to the cryptographic key (for example, K2) by which current use is carried out, this is answered and the 
entrainment card 7 is updated to the cryptographic key (for example, K2) by which current use is carried 
out. 

[0040] Therefore, the old entrainment card 7 published at the beginning will be updated and unified into the 
cryptographic key (for example, K2) by which current use is finally carried out by the communication link 
with read-out / write-in machine 6. 

[0041] In order to secure the security nature of a system, periodically or when there is a possibility that 
the cryptographic key by which current use is carried out might be decoded With the change command 
from the automatic ticket gate 1 which is a high order device, read-out / write-in machine 6 While 
changing into a use way cryptographic key (for example, K3) next the cryptographic key (for example, K2) 
which is carrying out current use, the cryptographic key (K2) which was being used till then is added as an 
old cryptographic key, and this changed cryptographic key (K3) is used henceforth. Therefore, in this time, 
two or more cryptographic keys (for example, K1, K2) by which used it for read-out / write-in machine 6 in 
the past, and current use is not carried out, and the cryptographic key (for example, K3) by which current 
use is carried out will be memorized. 

[0042] By the communication link with read-out / write-in machine 6, and the entrainment card 7 which 
changed the cryptographic key with the change command from a high order device While the entrainment 
card 7 is using the cryptographic key (for example, K2) currently used for the past by which current use is 
not carried out Read-out / write-in machine 6 sends out an updating command so that it may update to 
the entrainment card 7 to the cryptographic key (for example, K3) by which current use is carried out, 
answers this and updates the entrainment card 7 to the cryptographic key (for example, K3) by which 
current use is carried out. 

[0043] Therefore, the entrainment card 7 will be updated and unified into the cryptographic key (for 
example, K3) by which current use is finally carried out by the communication link with read-out / write-in 
machine 6. 

[0044] Thus, since renewal of sequential of two or more cryptographic keys is carried out if needed and 
cipher processing is performed Since the cryptographic key which the security nature of the whole system 
is not spoiled and is used is also updated if needed by the updating command from read-out / write-in 
machine 6 even if one common cryptographic key is decoded like a common cryptographic key method A 
possibility that all cryptographic keys may be monitored and decoded is low like the conventional example 
using all cryptographic keys at random. 

[0045] Furthermore, since renewal of the cryptographic key of the entrainment card 7 was also performed 
by the updating command by the communication link with read-out / write-in machine 6, it did not need to 
be said that two or more cryptographic keys of all the entrainment cards 7 were changed all at once. 
[0046] Hereafter, the main configurations of this entrainment card 7, and a read-out / write-in machine 6 
grade are explained to a detail. 

[0047] Drawin g 2 is the appearance perspective view of the automatic ticket gate 1 equipped with read- 
out / write-in machine of the gestalt of this operation, and this automatic ticket gate 1 separates the 
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ticket gate path 36, and is equipped with the body 2 of a ticket gate machine of the pair which carries out 
phase opposite. In each side face of the body 2 of both the ticket gate machine, the door which permits or 
prevents passage of the ticket gate path 36 and which is not illustrated is arranged. In each body 2 of a 
ticket gate machine, read-out / write-in machine 6 is formed, and it is arranged so that the antenna coil 23 
may attend the top face of each body 2 of a ticket gate machine. 

[0048] When the antenna coil with which the entrainment cards 7, such as a commuter pass, are equipped 
is located in a communications area, data communication is possible for this antenna coil 23 between the 
antenna coil of that entrainment card 7 non-contact. As shown in drawing 2 , the data communication of 
the user who carries the entrainment card 7 becomes possible only by [ with the antenna coil 23 of read- 
out / write-in machine 6 in which the entrainment card 7 was formed by the body 2 of a ticket gate 
machine ] holding up to the communications area for a communication link. 

[0049] Read-out / write-in machine 6 communicates with the entrainment card 7, and the automatic ticket 
gate 1 which is a high order device judges truth, entrainment conditions, etc. of the entrainment card 7 
based on the communication link, and controls, opens wide or stops a door based on this. 
[0050] The entrainment card 7 of the gestalt of this operation has memorized two or more cryptographic 
keys as mentioned above. Encryption and a decryption are performed using one certain cryptographic key 
out of the cryptographic key of these plurality. Moreover, two or more cryptographic keys of all that 
updated to the cryptographic key which uses for a degree the cryptographic key which is carrying out 
current use with the updating command of read-out / write-in machine 6 of an automatic ticket gate 1, 
and have been memorized at the time of card issue with read-out / write-in machines, such as the card 
issue machine 4, are made to be rewritten. In addition, it is not two or more cryptographic keys of all of the 
entrainment card 7, and you may make it rewrite only a used cryptographic key to a new cryptographic key 
at the time of card issue. 

[0051] Hereafter, the entrainment card 7 is explained with reference to drawing 3 . The entrainment card 7 
has CPU8, program memory 9, data memory 10, the cryptographic key storage memory 11, the code circuit 
12, the strange recovery power circuit 13, and antenna coil 14 inside. 

[0052] CPU8 processes data transmission to read-out / write-in machine 6 while performing processing 
based on the command from read-out / write-in machine 6 received through antenna coil 14 using the 
program data stored in program memory 9, and the working data stored in data memory 10. 
[0053] It writes in the command sent out to the entrainment card 7 from card read-out / write-in machine 
6 with polling, authentication, and read-out of data, and it has prohibition etc. CPU8 receives such a 
sending-out command from card read-out / write-in machine 6 with antenna coil 14, and restores to it in 
the strange demodulator circuit 13, and while incorporating and analyzing after making it process to decode 
in the code circuit 12 etc., processing according to this analyzed command is performed. 
[0054] Two or more cryptographic keys (a cryptographic key 1, a cryptographic key 2, a cryptographic key 
3, — , a cryptographic key n) the entrainment card 7 is due to use between read-out / write-in machine 6 
of an automatic ticket gate 1 from now on are made to memorize as a cryptographic key storage means, 
with read-out / write-in machine 6 of the card issue machine 4 at the time of issue of the entrainment 
card 7, as drawing 4 shows by the cryptographic key storage memory 1 1 . It can read a cryptographic key 
no longer from the exterior unjustly, read-out of the cryptographic key of these [ from the cryptographic 
key storage memory 1 1 ] plurality being used as the hardware configuration which is impossible at all from 
the outside. What is necessary is for this hardware configuration to form the cryptographic key storage 
memory 1 1 in the same LSI chip as CPU8, not to output a cryptographic key, even if it applies a test pin to 
this LSI chip and gives a signal, or to lose a test terminal, and only for CPU8 in an LSI chip to be able to be 
made to perform read-out of the data from the cryptographic key storage memory 11, and just to make it 
not take out the bus between CPU8 and the cryptographic key storage memory 1 1 as a terminal out of an 
LSI chip. Read-out of a cryptographic key can be prevented from the ability doing entirely from the 
exterior of an LSI chip by this (outside a circuit). 

[0055] CPU8 chooses the cryptographic key 1 of drawing 4 memorized by the cryptographic key storage 
memory 1 1, a cryptographic key 2, a cryptographic key 3, — , one cryptographic key beforehand set up 
from the cryptographic key n as a cryptographic key selection means, and inputs this into the code circuit 
12. Usually, at the time of card issue, since the cryptographic key 1 currently used at the time, two or 
more cryptographic keys 2 and 3 of the schedule used in order from now on, and — are made to memorize, 
it is set up at the beginning as a cryptographic key which should use a cryptographic key 1 . 
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[0056] Then, if there is an updating command from read-out / write-in machine 6 of an automatic ticket 
gate 1, CPU8 will input this into the code circuit 12, after updating a setup to other cryptographic keys 
specified by the updating command from the cryptographic key by which a current setup is carried out as a 
renewal means of a cryptographic key according to the command. 

[0057] The code circuit 12 decrypts by enciphering using the cryptographic key chosen as mentioned 
above, and is used also in mutual recognition with read-out / write-in machine 6 of an automatic ticket 
gate 1. Of course, the entrainment card 7 in the gestait of this operation receives read-out of data and the 
command of writing only after the mutual recognition between read-out / write-in machine 6. 
[0058] The strange recovery power circuit 1 3 generates the power source of the entrainment card 7 by the 
transmitting field from read-out / write-in machine 6 which won popularity with the modulation of the data 
transmitted to read-out / write-in machine 6 of an automatic ticket gate 1, the recovery of data which 
received from read-out / write-in machine 6, and antenna coil 14. 

[0059] A cryptographic key storage means for read-out / write-in machine 6 of the gestait of this 
operation to be constituted so that authentication and a communication link may be performed between 
the entrainment cards 7 using a cryptographic key, and to memorize two or more cryptographic keys, A 
cryptographic key selection means to choose either from from among two or more cryptographic keys 
memorized by said cryptographic key storage means, A cryptographic key learning means to get to know 
whether the cryptographic key current use is carried out [ the cryptographic key ] with the entrainment 
card by the response from said entrainment card is a cryptographic key of the gap used in the past, At the 
time of the cryptographic key for which the cryptographic key by which current use is carried out with the 
entrainment card was used in the past A command sending-out means to send out the command which 
updates the cryptographic key of an entrainment card, and a cryptographic key modification means to 
change the cryptographic key which read-out / the write-in machine concerned use with the command 
from a high order device are provided. 

[0060] Hereafter, with reference to drawing 5 , read-out / write-in machine 6 is explained. This read-out / 
write-in machine 6 have CPU15, program memory 16, data memory 17, the code circuit 18, the 
cryptographic key storage memory 19 for entrainment cards, the cryptographic key storage memory 20 for 
high order devices, the interface 21 for high order devices, the strange demodulator circuit 22, and antenna 
coil 23. A high order device is an automatic ticket gate 1 or the card issue machine 4 as mentioned above. 
[0061] An automatic ticket gate 1 controls the drive of a door other than read-out / write-in machine 6, or 
communicates with a host computer 25, and is connected through the interface 21 for high order devices 
of read-out / write-in machine 6. 

[0062] Read-out / write-in machine 6 performs mutual recognition to a power up also between the 
automatic ticket gates 1 which are high order devices, secures the security nature of connection and 
performs processing according to the application in high order devices, such as an automatic ticket gate 
after it. 

[0063] In order to secure the security nature of a system, the duration of service of the cryptographic key 
by which current use is carried out reaches at a fixed period, or or when there is a possibility that the 
cryptographic key by which current use is carried out might be decoded The command which changes the 
cryptographic key which is carrying out current use from the host computer 25 to CPU15 of read-out / 
write-in machine 6 through the automatic ticket gate 1 which is a high order device is given. For example, 
by this The cryptographic key of the cryptographic key storage memory 19 for entrainment cards is 
rewritten like the after-mentioned, and is changed. Then, read-out / write-in machine 6 performs 
processing with the entrainment card 7 by the changed cryptographic key. 

[0064] Drawing 6 is drawing showing an example of the duration of service of a cryptographic key. This 
example If it passes favorably, without the situation of decode of a cryptographic key arising, it will be what 
changes a cryptographic key every three months. A cryptographic key 1 If it is already used for three 
months from January 1, 1998 to March [ of the same year ] 31, a cryptographic key 2 is current using it 
after that and it passes favorably A cryptographic key 2 is due to be used till June 30, 1998, and a 
cryptographic key 3 is due to be changed into a cryptographic key 3 and to be used from July 1, 1998. 
[0065] Next, actuation of read-out / write-in machine 6 is explained. Read-out / write-in machine 6 
decodes the command received from high order devices, such as an automatic ticket gate 1, through the 
interface 21 for high order devices, analyzes the decoded command by CPU15, and performs processing 
according to the command. If the command from a high order device is a command of reading data called 
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the shelf-life of the data about the entrainment card 7 memorized by the data memory 10 of the 
entrainment card 7, for example, a commuter pass, and the entrainment section of a commuter pass After 
making it encipher in the code circuit 1 8 using the cryptographic key chosen from the cryptographic key 
storage memory 19 for entrainment cards and modulating the lead command which reads data in the data 
memory 10 of the entrainment card 7 in the strange demodulator circuit 22, it transmits to the entrainment 
card 7 from antenna coil 23. And if the response returned from the entrainment card 7 to said lead 
command is received, it restores to it in the strange demodulator circuit 22, and after decoding in the code 
circuit 18, the data of the entrainment card 7 will be obtained. And the data is enciphered in the code 
circuit 18, and it transmits to a high order device from the interface 21 for high order devices as a 
response. And from this response, the high order device 1, for example, an automatic ticket gate, will open 
a closing motion door, if the entrainment card 7 is just, and if not just, it will control it not to open a closing 
motion door. 

[0066] Here, there are the renewal command of a cryptographic key of the entrainment card 7 and the 
cryptographic key rewriting command of the entrainment card 7 other than the command from the former, 
such as polling, authentication, read-out of data, and writing, among the commands given to the 
entrainment card 7 from read-out / write-in machine 6. Moreover, there are the renewal command of a 
cryptographic key of the entrainment card 7, the cryptographic key rewriting command of the entrainment 
card 7, and the cryptographic key rewriting command of card read-out / write-in machine 6 other than the 
command from the former, such as read-out of data to a communication link command with the 
entrainment card 7, authentication, card read-out / write-in machine 6 and writing, among the commands 
which are high order devices from an automatic gate machine, a card issue machine, etc. 
[0067] The cryptographic key (the old cryptographic key - m, — , the old cryptographic key -1) which was 
being used in the past between the entrainment cards 7 as drawing 7 showed the cryptographic key 
storage memory 19 for entrainment cards, and the cryptographic key (the present cryptographic key 0) 
used now are memorized. The cryptographic key storage memory 19 for entrainment cards is only for 
writing, serves as a hardware configuration which reads from the exterior and is impossible, and has come 
to be unable to perform read-out of the inaccurate cryptographic key from the outside. Since it mentioned 
above about this hardware configuration, that explanation is omitted. The encryption for entrainment card 7 
processing and decode are performed using the cryptographic key by which current use is carried out 
among two or more cryptographic keys memorized by this cryptographic key storage memory 1 9 for 
entrainment cards. 

[0068] Moreover, if the command which should change the cryptographic key which is carrying out current 
use from the automatic ticket gate 1 which is a high order device is given According to the change 
command, the present cryptographic key 0 of drawing 7 is rewritten by the cryptographic key which should 
be changed. The present cryptographic key 0 currently used till then turns into the old cryptographic key - 
1, the old cryptographic key -1 till then turns into the old cryptographic key -2, and is hereafter rewritten 
by the contents passed around, and processing is performed henceforth using this rewritten present 
cryptographic key 0. In addition, what is necessary is to overwrite and just to eliminate the oldest 
cryptographic key, since it becomes unnecessary when a possibility that it may be used with all the 
entrainment cards 7 published is lost. 

[0069] Moreover, although it was made to be rewritten by the change command from a high order device, 
as a gestalt of other operations of this invention, the cryptographic key which read-out / write-in machine 
6 uses may make two or more cryptographic keys to be used also in read-out / write-in machine 6 from 
now on memorize beforehand, and it may consist of gestalten of this operation so that the cryptographic 
key which carries out current use with the updating command from a high order device may be changed. 
[0070] The code circuit 18 performs encryption of a plaintext, and decode of a cipher using a cryptographic 
key, and is used also in the mutual recognition of a high order device besides encryption of correspondence 
(a command, response) with a high order device or the entrainment card 7, and decode, and the 
entrainment card 7. The entrainment card 7 usually receives other commands after termination of mutual 
recognition with read-out / write-in machine 6. 

[0071] Next, the processing in an automatic ticket gate 1 is explained with reference to the flow chart 
shown by drawing 8 . 

[0072] When there is no entrainment card 7 into the communications area which can communicate with 
read-out / write-in machine 6 of the body 2 of a ticket gate machine, as for read-out / write-in machine 6, 
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the polling command is always sent out from antenna coil 23 the fixed period of 10 ms extent (step n1). If 
the entrainment card 7 advances into said communications area and the response to a polling command is 
returned from the entrainment card 7 (step n2), mutual recognition between read-out / write-in machine 6, 
and the entrainment card 7 will be performed (step n3). This mutual recognition is explained later using 
drawing 9 . If mutual recognition is O.K., the writing of read-out of the data of the entrainment card 7 and 
the data to the entrainment card 7 will be processed (step n4), and prohibition of a response will be 
processed so that the entrainment card [ finishing / processing ] 7 may not answer the last to polling of as 
opposed to the following entrainment card 7 in read-out / write-in machine 6 (step n5). 
[0073] Next, said mutual recognition is explained with reference to drawing 9 . 

[0074] The random data Dr are sent out from read-out / write-in machine 6 to the entrainment card 7 
(step n10). The entrainment card 7 enciphers the random data D using the cryptographic key currently 
used with this entrainment card 7, makes it encryption data Dr', and transmits the enciphered data Dr' to 
read-out / write-in machine 6. It enciphers using cryptographic key K (0) which receives the data Dr and 
which is, on the other hand (step n1 1), carrying out current use of the random data Dr, and read-out / 
write-in machine 6 obtains encryption data Dr (0) (step n12). And although the entrainment card 7 will 
attest with the right entrainment card 7 if both data Dr' (0) and Dr' of write-in machine [ read-out / ] 6 
correspond as compared with encryption data Dr' to which the enciphered data Dr (0) has been 
transmitted from the entrainment card 7 (step n13) When not in agreement, it becomes whether the 
entrainment card 7 is the inaccurate entrainment card 7 or the cryptographic key which the entrainment 
card 7 is using is an old cryptographic key. 

[0075] When the entrainment card 7 attests with a right entrainment card, shortly, the random data Dc are 
received from the entrainment card 7 (step n21), this random data Dc is enciphered by cryptographic key K 
(0) which is carrying out current use (step n22), and it sends out to the entrainment card 7 as encryption 
data Dc' (step n23). If the response to this sending out is received from the entrainment card 7 (step n24), 
in Authentication O.K., (step n25) and mutual recognition are completed from receiving contents (step n26), 
and when it is not O.K., it will consider as mutual recognition NG (step n27). 

[0076] In step n13, when the entrainment card 7 does not attest with a right entrainment card After 
initializing the number of a cryptographic key to 0 (n= 0), read-out / write-in machine 6 (Step n14), It is 
made the number of the old cryptographic key which was using the number of a cryptographic key in the 
past (n=n +1) (step n15), data are enciphered using cryptographic key [ of this number ] K (n) (step n17), 
and it judges whether it is in agreement with the cipher returned from the entrainment card 7 (step n18). 
Sequential selection of the old cryptographic key which card read-out / write-in machine 6 has memorized 
is made until it can judge it as coincidence (step n16). In the case where the number became Dr'=Dr ? (n) by 
the old cryptographic key of n, and it is in agreement, card read-out / write-in machine 6 So that the 
cryptographic key which the entrainment card 7 was using may judge it as cryptographic key K with the old 
number (n) and it may update to the entrainment card 7 to cryptographic key K (0) by which current use is 
carried out Namely, the entrainment card 7 which is using the cryptographic key of the pointer n of the 
cryptographic key storage memory 1 1 is received. The renewal command of a cryptographic key is sent out 
so that it may update to the cryptographic key of a pointer 0 (step n19), and K (0) is made to update the 
cryptographic key which the entrainment card 7 uses, processing after step n21 is performed, and it 
attests with the entrainment card 7 being just. 

[0077] Moreover, it may be made to attest again after renewal of the cryptographic key of the entrainment 
card 7 using a new cryptographic key. In addition, when the cipher of the cryptographic keys [ neither of ] 
of the old cryptographic key which read-out / write-in machine 6 holds corresponds, the entrainment card 
7 is judged to be the inaccurate entrainment card 7 (step n20). 

[0078] Next, processing by read-out / write-in machine 6 of the card issue machine 4 is explained. 
[0079] It is the same as that of drawin g 8 about polling, response reception, and mutual recognition O.K. as 
shown by drawing 1 0 in the card issue machine 4. After mutual recognition is completed by drawing 10 , a 
cryptographic key rewriting command is transmitted and rewriting of the data containing the cryptographic 
key of the entrainment card 7 is processed (step n4). Two or more cryptographic keys of the cryptographic 
key storage memory 1 1 of the entrainment card 7 are rewritten to the cryptographic key which carries out 
current use, and two or more cryptographic keys which are due to be used from now on in that case (step 
n5). By this, the cryptographic key which carries out current use is chosen and used for the entrainment 
card 7 at the beginning, and the cryptographic key used with an updating command is updated henceforth 
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in order. 

[0080] In addition, what is necessary is just to write in the cryptographic key which carries out current use, 
and two or more cryptographic keys which are due to be used from now on, without performing mutual 
recognition, when an entrainment card collects the used card, and does not publish them but it completely 
publishes an entrainment card newly. 

[0081] With the gestalt of above-mentioned operation, also although it applies and excels in station service 
systems, such as an automatic wicket, this invention is not limited to this system and applied also to an 
automatic toll collection system or its alien system. 

[0082] Moreover, with the gestalt of above-mentioned operation, also although it applies and excels in the 
communication link of a non-contact method, this invention may be applied also to the communication link 
of a contact method. 
[0083] 

[Effect of the Invention] According to this invention, the following effectiveness can be acquired as 
mentioned above. 

[0084] Since cipher processing is performed in cipher processing between read-out / write-in machine 
using either of two or more cryptographic keys according to the storage of this invention of claim 1 Since 
the cryptographic key which the security nature of the whole system is not spoiled and is used is also 
updated if needed by the command from read-out / write-in machine even if one common cryptographic 
key is decoded like a common cryptographic key method At random, like the conventional example using all 
cryptographic keys, a possibility that all cryptographic keys may be monitored and decoded is low, and 
security nature improves. 

[0085] According to the storage of this invention of claim 2, since some [ at least ] cryptographic keys of 
two or more cryptographic keys can be rewritten from read-out / write-in machine, by the time two or 
more cryptographic keys memorized will be altogether used by updating, it can rewrite to a new 
cryptographic key, and by this, updating to a new cryptographic key is attained permanently, and security 
nature can be secured permanently. 

[0086] According to read-out / the write-in machine of this invention of claim 3, the cryptographic key 
which the storage is using When it is the cryptographic key which judges whether it is the cryptographic 
key used in the past, and was used in the past with read-out / write-in machine Since the cryptographic 
key which sends out an updating command to a storage and a storage uses for it can be updated, the 
cryptographic key of a storage can be made in agreement with the newest cryptographic key which read- 
out / write-in machine is using now. Therefore, in order to change the cryptographic key which a storage 
uses, it is not necessary to collect storages and to do the difficult activity of changing cryptographic keys 
all at once, and a cryptographic key will be automatically changed by using a storage and communicating 
between read-out / write-in machine. 

[0087] Since the cryptographic key used with the command from a high order device is changed according 
to read-out / the write-in machine of this invention of claim 4 The need is accepted. At for example, when 
[ periodical or when there is a possibility that the cryptographic key which is carrying out current use may 
be decoded ] The cryptographic key used with the command from a high order device can be changed into 
a new cryptographic key, security nature can be secured, and the cryptographic key which a storage uses 
according to an operation of claim 3 can also be made further in agreement with the changed cryptographic 
key. 

[0088] Since some [ at least ] cryptographic keys of two or more cryptographic keys which the storage has 
memorized are rewritten according to read-out / the write-in machine of this invention of claim 5, by the 
time all the cryptographic keys with which renewal of sequential is carried out and the cryptographic keys 
of a storage are remembered to be will be used, it can rewrite to two or more new cryptographic keys, and 
by this, updating to a new cryptographic key is attained permanently, and security nature can be secured 
permanently. 

[0089] If the cryptographic key of a card is a cryptographic key used in the past with read-out / write-in 
machine even if the cryptographic key of a card, and a read-out / write-in machine is not in agreement 
according to the card system of this invention of claim 6, since the cryptographic key of a card is updated 
and it is in agreement with the cryptographic key of read-out / write-in machine, mutual recognition 
becomes possible. And since the storage is used as the card, it can carry out suitable for various kinds of 
applications, such as an automatic tariff collecting system, and claim 1 thru/or the operation effectiveness 
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of 5 can be notably done so. 

[0090] According to the cryptographic key operation of this invention of claim 7, read-out / write-in 
machine By comparing the encryption data from a storage with the created encryption data Judge whether 
the cryptographic key of a storage is in agreement with the cryptographic key which read-out / write-in 
machine is using, and when not in agreement Since it judges whether the cryptographic key of a storage is 
a cryptographic key used in the past, and the cryptographic key of a storage is made to update when it is 
the past cr/ptographic key, the cryptographic key of the cryptographic key of a storage, and a read-out / 
write-in machine can be made in agreement. 

[0091] Moreover, since the storage, and read-out / write-in machine have memorized two or more 
cryptographic keys Even if a common cryptographic key is decoded like the common cryptographic key 
method which has memorized only one common cryptographic key, the security nature of the whole system 
is not spoiled. Moreover, since the cryptographic key to be used is also updated if needed by the command 
from read-out / write-in machine At random, like the conventional example using all cryptographic keys, a 
possibility that all cryptographic keys may be monitored and decoded was low, and it did not need to be 
said further that two or more cryptographic keys memorized by the storage were changed all at once. 
[0092] According to the station service system of this invention of claim 8, it sets to cipher processing 
between an entrainment card, and read-out / write-in machine of an automatic ticket gate. An entrainment 
card, and read-out / write-in machine Even if a common cryptographic key is decoded like [ since two or 
more cryptographic keys are memorized ] the common cryptographic key method which has memorized 
only one common cryptographic key, the security nature of the whole system is not spoiled. Moreover, 
since the cryptographic key to be used is also updated if needed by the command from read-out / write-in 
machine At random, like the conventional example using all cryptographic keys, a possibility that all 
cryptographic keys may be monitored and decoded was low, and it did not need to be said further that two 
or more cryptographic keys memorized by the entrainment card were changed all at once. 
[0093] According to the station service system of this invention of claim 9, at the time of issue of an 
entrainment card, since two or more cryptographic keys memorized by the entrainment card are rewritten, 
updating of a card issue machine to a new cryptographic key is attained permanently, and it can secure the 
security nature of a system permanently. 

[0094] While writing in two or more cryptographic keys which are due to be used the cryptographic key 
which carries out current use, and in the future, without performing mutual recognition etc. not using the 
collected entrainment card at the time of issue of a completely new entrainment card according to the 
card issue machine of this invention of claim 10, it sets up so that the cryptographic key which carries out 
current use may be chosen, and an entrainment card can be published. 
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LThis document has been translated by computer. So the translation may not reflect the original precisely. 

2.**** shows the word which can not be translated. 
3.1n the drawings, any words are not translated. 



DESCRIPTION OF DRAWINGS 



[Brief Description of the Drawings] 

[Drawing 1] It is the outline block diagram of the system concerning the operation gestalt of this invention. 
[Drawing 2] It is the perspective view of an automatic ticket gate. 
[Drawing 3] It is the block diagram of an entrainment card. 

[Drawing 4] It is drawing showing the contents of storage of the cryptographic key storage memory of an 
entrainment card. 

[Drawing 5] It is the block diagram of read-out / write-in machine. 

[Drawing 6] It is drawing showing the duration of service of a cryptographic key. 

[Drawing 7] It is drawing showing the contents of storage of the cryptographic key storage memory for 
entrainment cards of read-out / write-in machine. 

[Drawing 8] It is the flow chart with which explanation of read-out / write-in machine of an automatic 
ticket gate of operation is presented. 

[Drawing 9] It is the flow chart with which explanation of mutual recognition of operation is presented. 
[Drawing 10] It is the flow chart with which explanation of read-out / write-in machine of a card issue 
machine of operation is presented. 
[Description of Notations] 

I Automatic Ticket Gate 

6 Read-out / Write-in Machine 

7 Entrainment Card 
8,15 CPU 

I I Cryptographic Key Storage Memory 
1 4 23 Antenna coil 

1 9 Cryptographic Key Storage Memory for Entrainment Cards 
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